CVE-2008-2138 (application_server

CVE-2008-2138 (application_server_portal)
BugsAlert Home > CVE-2008-2138 (application_server_portal)




Oracle Application Server (OracleAS) Portal 10g allows remote attackers to bypass intended access restrictions and read the contents of /dav_portal/portal/ via a request containing a trailing "%0A" (encoded line feed), then using the session ID that is generated from that request. NOTE: as of 20080512, Oracle has not commented on the accuracy of this report. Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2138 Learn more about CVE-2008-2138 (application_server_portal)


Tags: cve-2008-2138 application server portal

Related Items
MS07-022: Vulnerability in Windows Kernel Could Allow Elevation of Privilege (931784) - Version:2.0
Will 2008 Really Be The ?Year of The Rat??
WORM_AGENT.ADYN
Woltlab Burning Board Lite "search.php" SQL Injection Vulnerabilities
Debian: New mono packages fix integer overflow
Gentoo update for splitvt
Dissecting and Digging Application Source Code for Vulnerabilities

CVE-2008-2138 (application_server_portal)